Andreas Schulze
2013-Nov-13 21:07 UTC
[nsd-users] weak ciphers enabled to remote-control nsd+unbound
Hello,

nsd and unbound can be controlled using nsd-control and unbound-control. SSL is used to ensure privacy and authentication. Although those connections are commonly used at localhost only, they are usable over public networks by design.

But the server allows weak ciphers. Users have no option to control these settings.

    # sslscan --no-failed localhost:8952
                       _
               ___ ___| |___  ___ __ _ _ __
              / __/ __| / __|/ __/ _` | '_ \
              \__ \__ \ \__ \ (_| (_| | | | |
              |___/___/_|___/\___\__,_|_| |_|

                      Version 1.8.2
                 http://www.titania.co.uk
            Copyright Ian Ventura-Whiting 2009

    Testing SSL server localhost on port 8952

      Supported Server Cipher(s):
        Accepted  SSLv3  256 bits  AES256-SHA
        Accepted  SSLv3  128 bits  AES128-SHA
        Accepted  SSLv3  168 bits  DES-CBC3-SHA
        Accepted  SSLv3  56 bits   DES-CBC-SHA
        Accepted  SSLv3  128 bits  RC4-SHA
        Accepted  SSLv3  128 bits  RC4-MD5
        Accepted  TLSv1  256 bits  AES256-SHA
        Accepted  TLSv1  128 bits  AES128-SHA
        Accepted  TLSv1  168 bits  DES-CBC3-SHA
        Accepted  TLSv1  56 bits   DES-CBC-SHA
        Accepted  TLSv1  128 bits  RC4-SHA
        Accepted  TLSv1  128 bits  RC4-MD5

      Prefered Server Cipher(s):
        SSLv3  256 bits  AES256-SHA
        TLSv1  256 bits  AES256-SHA

I suggest enhancing the code to use a fixed cipher and protocol by default and optionally make these settings configurable.

Also DH key exchange would be nice (PFS, http://de.wikipedia.org/wiki/Perfect_Forward_Secrecy)

Andreas
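An added example, not part of the original message or of the nsd/unbound code: a small audit of sslscan text output like the listing above, reporting why each accepted protocol/cipher pair is a concern. The policy in `findings` (SSLv3, keys under 128 bits, RC4, DES/3DES, MD5, no DHE/ECDHE key exchange) and all function names are assumptions made for this illustration.

```python
import re

# Constructed sample: a subset of the sslscan lines quoted in the message above.
SAMPLE = """\
    Accepted  SSLv3  256 bits  AES256-SHA
    Accepted  SSLv3  56 bits   DES-CBC-SHA
    Accepted  TLSv1  256 bits  AES256-SHA
    Accepted  TLSv1  168 bits  DES-CBC3-SHA
    Accepted  TLSv1  128 bits  RC4-MD5
"""

# One "Accepted <protocol> <n> bits <cipher>" line of sslscan text output.
LINE = re.compile(r"^\s*Accepted\s+(\S+)\s+(\d+) bits\s+(\S+)\s*$")

# Key-exchange prefixes of OpenSSL cipher names that give forward secrecy.
PFS_PREFIXES = ("DHE-", "ECDHE-", "EDH-")


def findings(protocol, bits, cipher):
    """Return the reasons (assumed policy) an accepted pair is a concern."""
    parts = cipher.split("-")
    reasons = []
    if protocol in ("SSLv2", "SSLv3"):
        reasons.append("obsolete protocol")
    if bits < 128:
        reasons.append("key shorter than 128 bits")
    if "RC4" in parts:
        reasons.append("RC4")
    if "DES" in parts:
        reasons.append("DES/3DES")
    if "MD5" in parts:
        reasons.append("MD5 MAC")
    if not cipher.startswith(PFS_PREFIXES):
        reasons.append("no forward secrecy")
    return reasons


def audit(report):
    """Map 'protocol cipher' to its reasons for every Accepted line."""
    result = {}
    for line in report.splitlines():
        m = LINE.match(line)
        if m:
            proto, bits, cipher = m.group(1), int(m.group(2)), m.group(3)
            result[f"{proto} {cipher}"] = findings(proto, bits, cipher)
    return result


if __name__ == "__main__":
    for name, reasons in audit(SAMPLE).items():
        print(f"{name:22} {', '.join(reasons) or 'ok'}")
```

An empty reason list means the pair passes this assumed policy; none of the pairs in the listing above do, since none uses DHE or ECDHE key exchange.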
Paul Wouters
2013-Nov-13 21:24 UTC
[nsd-users] [Unbound-users] weak ciphers enabled to remote-control nsd+unbound
On Wed, 13 Nov 2013, Andreas Schulze wrote:

> nsd and unbound can be controlled using nsd-control and unbound-control.
> SSL is used to ensure privacy and authentication. Although those connections
> are commonly used at localhost only, they are usable over public networks by
> design.
>
> But the server allows weak ciphers. Users have no option to control these
> settings.

> I suggest enhancing the code to use a fixed cipher and protocol by default
> and optionally make these settings configurable.
>
> Also DH key exchange would be nice (PFS,
> http://de.wikipedia.org/wiki/Perfect_Forward_Secrecy)

Actually, I suggest we adopt the patch that floated around last year to allow people to use a pipe when running on localhost, which would be much simpler than the entire TLS overhead.

Keep the TLS for people who wish to remote control their unbound instances, but I don't think those are many. Whereas everyone with unbound-control/dnssec-trigger setups now has to go through the overhead/complexity of TLS.

Paul